serial_number of Japanese Personal Number cannot be revealed
Japanese National Personal Number system restricts the use of the serial number of the certificate, and the number can only be handled by companies certified by the government. Thus, this field should be OPTIONAL or allow the use of ppid-ish number that IdP assigns to the person/certificate.
5.1.1.5. Evidence Type electronic_signature
`serial_number`: REQUIRED. String containing the serial number of the certificate used to sign.
Comments (6)
-
-
reporter Japanese Personal Number has even stricter usage limitation (taxation, disaster prevention, welfare, etc)
-
serial_number
is also prohibited in Japan
-
How can we resolve this issue Kosuke? It seems to me that implementers should know whether they are able to include specific attributes or not.
In this specific part of the draft spec it will be up to implementers whether they use a given certificate type or not.
-
reporter I pondered again, and I think I would close the issue as I think in a trust framework where
serial_number
cannot be provided,evidence
would not need to be conveyed anyway. -
- changed status to closed
Closed based on the last comment by the reporter.
- Log in to comment
Is therte a link to Issue #1281?